A QUARTET OF SECURITY FLAWS have been found lurking in Linux and FreeBSD servers and systems, leaving them vulnerable to cyber attacks.
The flaws were discovered by Netflix Information Security’s Jonathan Looney, who found they allow hackers to exploit TCP networking to cause system and service disruption.
“The vulnerabilities specifically relate to the minimum segment size (MSS) and TCP Selective Acknowledgement (SACK) capabilities. The most serious, dubbed ‘SACK Panic’, allows a remotely-triggered kernel panic on recent Linux kernels,” explained Netflix’s advisory on GitHub.
In plain English, a kernel panic is bad news as it relates to a vulnerability that can bork an operating system to the extent that it can’t be recovered easily or might be bricked completely.
A kernel panic could, for instance, trigger a system restart in a targeted server, which in turn would yank the services and apps that machine was supporting offline. You’ll find that a kernel panic mostly applies to Unix-based systems and macOS machines; in Windows 10 PCs, it’s basically a blue screen of death. Such situations come with a high risk of data loss.
While the other three flaws appear to be more in the area of causing slowdown and other problems, SACK Panic is the most dangerous, especially to the many services that make use of Linux-based systems for delivering online services.
Thankfully, the patches for the vulnerabilities can easily be applied, and there are also workarounds to keep them at bay for those who are waiting for patches to be pushed out or don’t have the scope to quickly modify their Linux and FreeBSD machines.
“Good system and application coding and configuration practices (limiting write buffers to the necessary level, monitoring connection memory consumption via SO_MEMINFO, and aggressively closing misbehaving connections) can help to limit the impact of attacks against these kinds of vulnerabilities,” said Netflix Information Security, so heavy Linux users can breathe easily. µ
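The practices named in Netflix's quote above, sketched for a Linux server as an added example (not code from the article or from Netflix's advisory): cap a socket's write buffer, read its SO_MEMINFO counters, and flag a connection that holds more kernel memory than a budget allows. The helper names, the index names and the budget policy are assumptions, and the kernel must support SO_MEMINFO.

```c
#include <stdint.h>
#include <sys/socket.h>

#ifndef SO_MEMINFO
#define SO_MEMINFO 55   /* value from Linux asm-generic/socket.h */
#endif

/* Indices into the SO_MEMINFO array, mirroring linux/sock_diag.h. */
enum { MI_RMEM_ALLOC, MI_RCVBUF, MI_WMEM_ALLOC, MI_SNDBUF, MI_FWD_ALLOC,
       MI_WMEM_QUEUED, MI_OPTMEM, MI_BACKLOG, MI_DROPS, MI_VARS };

/* Limit the write buffer to what the application needs (hypothetical helper). */
int conn_cap_sndbuf(int fd, int bytes)
{
    return setsockopt(fd, SOL_SOCKET, SO_SNDBUF, &bytes, sizeof bytes);
}

/* Fill mi[] with the kernel's per-socket memory counters. 0 on success. */
int conn_read_meminfo(int fd, uint32_t mi[MI_VARS])
{
    socklen_t len = MI_VARS * sizeof(uint32_t);
    if (getsockopt(fd, SOL_SOCKET, SO_MEMINFO, mi, &len) < 0)
        return -1;
    return len == MI_VARS * sizeof(uint32_t) ? 0 : -1;
}

/* Assumed policy: returns 1 when the connection should be closed.
 * wmem_queued is memory held by the send queue, including data sent but
 * not yet acknowledged; rmem_alloc is memory held by the receive queue. */
int conn_over_budget(const uint32_t mi[MI_VARS], uint32_t budget)
{
    uint64_t held = (uint64_t)mi[MI_WMEM_QUEUED] + mi[MI_RMEM_ALLOC];
    return held > budget;
}

/* Check one connection: 1 = close it, 0 = keep, -1 = counters unreadable. */
int conn_check(int fd, uint32_t budget)
{
    uint32_t mi[MI_VARS];
    if (conn_read_meminfo(fd, mi) < 0)
        return -1;
    return conn_over_budget(mi, budget);
}
```

A server would call `conn_cap_sndbuf` once after `accept()` and `conn_check` periodically from its event loop, closing any connection for which it returns 1.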